---
apiVersion: v1
kind: Service
metadata:
  name: pl-etcd-client
  labels:
    etcd_cluster: pl-etcd
spec:
  ports:
  - name: etcd-client
    port: 2379
  selector:
    etcd_cluster: pl-etcd
---
apiVersion: v1
kind: Service
metadata:
  annotations:
  name: pl-etcd
  labels:
    etcd_cluster: pl-etcd
spec:
  clusterIP: None
  ports:
  - port: 2379
    name: client
  - port: 2380
    name: peer
  publishNotReadyAddresses: true
  selector:
    etcd_cluster: pl-etcd
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: pl-etcd-pdb
spec:
  minAvailable: 51%
  selector:
    matchLabels:
      etcd_cluster: pl-etcd
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: pl-etcd
  labels:
    etcd_cluster: pl-etcd
spec:
  serviceName: pl-etcd
  selector:
    matchLabels:
      etcd_cluster: pl-etcd
  replicas: 3
  podManagementPolicy: Parallel
  template:
    metadata:
      name: pl-etcd
      labels:
        app: etcd
        etcd_cluster: pl-etcd
        plane: control
    spec:
      containers:
      - name: etcd
        # yamllint disable-line rule:line-length
        image: gcr.io/pixie-oss/pixie-dev-public/etcd:3.5.9@sha256:e18afc6dda592b426834342393c4c4bd076cb46fa7e10fa7818952cae3047ca9
        ports:
        - containerPort: 2379
          name: client
        - containerPort: 2380
          name: server
        env:
        - name: INITIAL_CLUSTER_SIZE
          value: '3'
        - name: CLUSTER_NAME
          # This has to match the metadata.name for things to work.
          value: pl-etcd
        - name: ETCDCTL_API
          value: '3'
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: DATA_DIR
          value: /var/run/etcd
        - name: ETCD_AUTO_COMPACTION_RETENTION
          value: '5'
        - name: ETCD_AUTO_COMPACTION_MODE
          value: revision
        readinessProbe:
          exec:
            command:
            - /etc/etcd/scripts/healthcheck.sh
          failureThreshold: 3
          initialDelaySeconds: 1
          periodSeconds: 5
          successThreshold: 1
          timeoutSeconds: 5
        livenessProbe:
          exec:
            command:
            - /etc/etcd/scripts/healthcheck.sh
          failureThreshold: 5
          initialDelaySeconds: 60
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        volumeMounts:
        - mountPath: /var/run/etcd
          name: etcd-data
        - mountPath: /etc/etcdtls/member/peer-tls
          name: member-peer-tls
        - mountPath: /etc/etcdtls/member/server-tls
          name: member-server-tls
        - mountPath: /etc/etcdtls/client/etcd-tls
          name: etcd-client-tls
        lifecycle:
          preStop:
            exec:
              command:
              - /etc/etcd/scripts/prestop.sh
      volumes:
      - name: member-peer-tls
        secret:
          secretName: etcd-peer-tls-certs
      - name: member-server-tls
        secret:
          secretName: etcd-server-tls-certs
      - name: etcd-client-tls
        secret:
          secretName: etcd-client-tls-certs
      - emptyDir: {}
        name: etcd-data
      tolerations:
      - key: "kubernetes.io/arch"
        operator: "Equal"
        value: "amd64"
        effect: "NoSchedule"
      - key: "kubernetes.io/arch"
        operator: "Equal"
        value: "amd64"
        effect: "NoExecute"
      - key: "kubernetes.io/arch"
        operator: "Equal"
        value: "arm64"
        effect: "NoSchedule"
      - key: "kubernetes.io/arch"
        operator: "Equal"
        value: "arm64"
        effect: "NoExecute"
